CVE-2024-13698: Jobify WP: missing authz allows OpenAI key abuse, SSRF

MEDIUM
Published January 24, 2025
CISO Take

Any WordPress site running Jobify theme ≤4.2.7 with AI image generation enabled exposes its OpenAI API key to unauthenticated abuse — attackers can drain your API quota and perform SSRF against internal networks. Update to ≥4.2.8 immediately and rotate the OpenAI API key. If patching is not immediate, disable the AI image generation feature or block the vulnerable endpoints at the WAF.

What is the risk?

Rated Medium (CVSS 6.5) but operationally higher due to zero-barrier exploitation: no authentication, no user interaction, network-reachable. The financial exposure from uncapped OpenAI API consumption can far exceed what CVSS captures. The SSRF component adds reconnaissance potential against internal infrastructure. Automated scanners will find this quickly given the scale of the WordPress ecosystem.

What systems are affected?

Package   Ecosystem   Vulnerable Range   Patched
jobify    -           -                  No patch

Do you use jobify? You're affected.

How severe is it?

CVSS 3.1
6.5 / 10
EPSS
0.3%
chance of exploitation in 30 days
Higher than 23% of all CVEs
Exploitation Status
No known exploitation
Sophistication
Trivial

What is the attack surface?

AV (Attack Vector)        Network
AC (Attack Complexity)    Low
PR (Privileges Required)  None
UI (User Interaction)     None
S  (Scope)                Unchanged
C  (Confidentiality)      Low
I  (Integrity)            Low
A  (Availability)         None

What should I do?

6 steps
  1. PATCH

    Update Jobify theme to version 4.2.8 or later immediately.

  2. ROTATE CREDENTIALS

    Invalidate and regenerate the OpenAI API key configured in the theme — treat it as compromised.

  3. SCOPE THE KEY

    Issue a new OpenAI API key scoped only to image generation, with spending limits and rate limits set in the OpenAI dashboard.

  4. WAF RULE

    Block unauthenticated POST requests to wp-admin/admin-ajax.php with action=download_image_via_ai or action=generate_image_via_ai.

  5. AUDIT USAGE

    Review OpenAI API usage logs for anomalous generation spikes prior to patching — unexpected costs indicate active exploitation.

  6. SSRF MITIGATION

    Ensure the web server cannot reach internal/cloud metadata endpoints (169.254.169.254, 100.64.0.0/10) via egress filtering.

What does CISA's SSVC say?

Decision Track
Exploitation none
Automatable Yes
Technical Impact partial

Source: CISA Vulnrichment (SSVC v2.0). Decision based on the CISA Coordinator decision tree.

Which compliance frameworks are affected?

This CVE is relevant to:

EU AI Act
Art.9 - Risk Management System
ISO 42001
A.9.1 - Information security policies for AI systems
NIST AI RMF
GOVERN-6.1 - Policies and procedures for AI risk management
OWASP LLM Top 10
LLM10 - Unbounded Consumption

Frequently Asked Questions

Is CVE-2024-13698 actively exploited?

No confirmed active exploitation of CVE-2024-13698 has been reported, but organizations should still patch proactively.

What systems are affected by CVE-2024-13698?

This vulnerability affects the following AI/ML architecture patterns: AI-enabled web applications (WordPress + OpenAI integration), Shared API key architectures, Cloud-hosted web servers with SSRF exposure to metadata endpoints.

What is the CVSS score for CVE-2024-13698?

CVE-2024-13698 has a CVSS v3.1 base score of 6.5 (MEDIUM). The EPSS exploitation probability is 0.31%.

What is the AI security impact?

Affected AI Architectures

AI-enabled web applications (WordPress + OpenAI integration)
Shared API key architectures
Cloud-hosted web servers with SSRF exposure to metadata endpoints

MITRE ATLAS Techniques

AML.T0034 Cost Harvesting
AML.T0040 AI Model Inference API Access
AML.T0048.000 Financial Harm
AML.T0049 Exploit Public-Facing Application
AML.T0091.000 Application Access Token

Compliance Controls Affected

EU AI Act: Art.9
ISO 42001: A.9.1
NIST AI RMF: GOVERN-6.1
OWASP LLM Top 10: LLM10

What are the technical details?

Original Advisory

The Jobify - Job Board WordPress Theme for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'download_image_via_ai' and 'generate_image_via_ai' functions in all versions up to, and including, 4.2.7. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application to upload files in an image format, and to generate AI images using the site's OpenAI key.

Exploitation Scenario

An unauthenticated attacker scans for WordPress sites running Jobify using WPScan or passive techniques. They issue a POST to /wp-admin/admin-ajax.php with action=generate_image_via_ai — no credentials required. The server uses the site's OpenAI API key to generate arbitrary images, billed to the victim. In parallel, the attacker abuses download_image_via_ai to trigger outbound HTTP requests to internal addresses (e.g., AWS metadata endpoint http://169.254.169.254/latest/meta-data/) to harvest cloud credentials. Both attack paths are trivially automatable and can be executed against thousands of Jobify installations in bulk.

Weaknesses (CWE)

CWE-862 — Missing Authorization: The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

  • [Architecture and Design] Divide the product into anonymous, normal, privileged, and administrative areas. Reduce the attack surface by carefully mapping roles with data and functionality. Use role-based access control (RBAC) [REF-229] to enforce the roles at the appropriate boundaries. Note that this approach may not protect against horizontal authorization, i.e., it will not protect a user from attacking others with the same role.
  • [Architecture and Design] Ensure that access control checks are performed related to the business logic. These checks may be different than the access control checks that are applied to more generic resources such as files, connections, processes, memory, and database records. For example, a database may restrict access for medical records to a specific database user, but each record might only be intended to be accessible to the patient and the patient's doctor [REF-7].

Source: MITRE CWE corpus.
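The capability check the advisory says is missing, together with the SSRF controls from steps 4 and 6, shown at handler level: an added example, not the Jobify theme's code. The example_ function names, the nonce action, the image_url parameter and the 'image-host.example' allow-list entry are assumptions; the same gate applies to generate_image_via_ai.

```php
<?php
// Added example, not the Jobify theme's code: a hardened shape for a WordPress
// admin-ajax handler that fetches a remote image. example_* names and the
// 'image-host.example' allow-list entry are assumptions.
// Hooked for logged-in users only: with no wp_ajax_nopriv_ registration,
// anonymous callers never reach the handler.
add_action( 'wp_ajax_download_image_via_ai', 'example_download_image_via_ai' );
// True only for a globally routable IPv4 address: rejects loopback, RFC 1918,
// link-local 169.254.0.0/16 (cloud metadata) and CGNAT 100.64.0.0/10.
function example_is_public_ipv4( $ip ) {
    $flags = FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE;
    if ( false === filter_var( $ip, FILTER_VALIDATE_IP, $flags ) ) {
        return false;
    }
    return ( ip2long( $ip ) & 0xFFC00000 ) !== ip2long( '100.64.0.0' );
}
function example_download_image_via_ai() {
    // Authorization (the CWE-862 fix) and CSRF nonce, in that order.
    if ( ! current_user_can( 'upload_files' ) ) {
        wp_send_json_error( 'forbidden', 403 ); // exits
    }
    check_ajax_referer( 'example_ai_image', 'nonce' ); // dies on a bad nonce
    // SSRF guard: https only, host allow-listed, resolved address public.
    $url  = esc_url_raw( wp_unslash( $_POST['image_url'] ?? '' ) );
    $host = (string) wp_parse_url( $url, PHP_URL_HOST );
    if ( 'https' !== wp_parse_url( $url, PHP_URL_SCHEME )
        || ! in_array( $host, array( 'image-host.example' ), true )
        || ! example_is_public_ipv4( gethostbyname( $host ) ) ) {
        wp_send_json_error( 'url not allowed', 400 );
    }
    // wp_safe_remote_get() sets reject_unsafe_urls; redirects are disabled so a
    // 302 from the upstream cannot steer the request to an internal address.
    $resp = wp_safe_remote_get( $url, array( 'timeout' => 15, 'redirection' => 0 ) );
    if ( is_wp_error( $resp ) || 200 !== wp_remote_retrieve_response_code( $resp ) ) {
        wp_send_json_error( 'fetch failed', 502 );
    }
    // Verify the bytes really are an image before they reach the uploads dir.
    $body = wp_remote_retrieve_body( $resp );
    $info = getimagesizefromstring( $body );
    if ( false === $info || ! in_array( $info['mime'], array( 'image/png', 'image/jpeg' ), true ) ) {
        wp_send_json_error( 'not an image', 415 );
    }
    $name   = 'ai-image-' . wp_generate_password( 8, false ) . ( 'image/png' === $info['mime'] ? '.png' : '.jpg' );
    $upload = wp_upload_bits( $name, null, $body );
    if ( ! empty( $upload['error'] ) ) {
        wp_send_json_error( $upload['error'], 500 );
    }
    wp_send_json_success( array( 'url' => $upload['url'] ) );
}
```

The host allow-list is the primary SSRF control; the resolve-and-check step is defence in depth, since the HTTP client resolves the name again and a rebinding DNS answer could differ. Egress filtering on the server (step 6) remains the backstop for anything the application layer misses.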

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Timeline

Published
January 24, 2025
Last Modified
February 7, 2025
First Seen
January 24, 2025

Related Vulnerabilities